Search...

Oracle Linux 6 / 7 : bind (ELSA-2015-1705)

2015-09-04T00:00:00

ID ORACLELINUX_ELSA-2015-1705.NASL
Type nessus
Reporter This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
Modified 2015-09-04T00:00:00

Description

From Red Hat Security Advisory 2015:1705 :

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly.

A denial of service flaw was found in the way BIND parsed certain malformed DNSSEC keys. A remote attacker could use this flaw to send a specially crafted DNS query (for example, a query requiring a response from a zone containing a deliberately malformed key) that would cause named functioning as a validating resolver to crash. (CVE-2015-5722)

Red Hat would like to thank ISC for reporting this issue. Upstream acknowledges Hanno Bock as the original reporter.

All bind users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the BIND daemon (named) will be restarted automatically.

                                        
                                            #%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2015:1705 and 
# Oracle Linux Security Advisory ELSA-2015-1705 respectively.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(85777);
  script_version("1.15");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2015-5722");
  script_xref(name:"RHSA", value:"2015:1705");

  script_name(english:"Oracle Linux 6 / 7 : bind (ELSA-2015-1705)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Oracle Linux host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"From Red Hat Security Advisory 2015:1705 :

Updated bind packages that fix one security issue are now available
for Red Hat Enterprise Linux 6 and 7.

Red Hat Product Security has rated this update as having Important
security impact. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available from the
CVE link in the References section.

The Berkeley Internet Name Domain (BIND) is an implementation of the
Domain Name System (DNS) protocols. BIND includes a DNS server
(named); a resolver library (routines for applications to use when
interfacing with DNS); and tools for verifying that the DNS server is
operating correctly.

A denial of service flaw was found in the way BIND parsed certain
malformed DNSSEC keys. A remote attacker could use this flaw to send a
specially crafted DNS query (for example, a query requiring a response
from a zone containing a deliberately malformed key) that would cause
named functioning as a validating resolver to crash. (CVE-2015-5722)

Red Hat would like to thank ISC for reporting this issue. Upstream
acknowledges Hanno Bock as the original reporter.

All bind users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue. After installing the
update, the BIND daemon (named) will be restarted automatically."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2015-September/005381.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://oss.oracle.com/pipermail/el-errata/2015-September/005382.html"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected bind packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-libs-lite");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-license");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-lite-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-sdb-chroot");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:oracle:linux:bind-utils");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:oracle:linux:7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2015/09/04");
  script_set_attribute(attribute:"patch_publication_date", value:"2015/09/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/09/04");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Oracle Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/OracleLinux", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/OracleLinux")) audit(AUDIT_OS_NOT, "Oracle Linux");
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || !pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux)", string:release)) audit(AUDIT_OS_NOT, "Oracle Linux");
os_ver = pregmatch(pattern: "Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Oracle Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^(6|7)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Oracle Linux 6 / 7", "Oracle Linux " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" &gt;!&lt; cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Oracle Linux", cpu);

flag = 0;
if (rpm_check(release:"EL6", reference:"bind-9.8.2-0.37.rc1.el6_7.4")) flag++;
if (rpm_check(release:"EL6", reference:"bind-chroot-9.8.2-0.37.rc1.el6_7.4")) flag++;
if (rpm_check(release:"EL6", reference:"bind-devel-9.8.2-0.37.rc1.el6_7.4")) flag++;
if (rpm_check(release:"EL6", reference:"bind-libs-9.8.2-0.37.rc1.el6_7.4")) flag++;
if (rpm_check(release:"EL6", reference:"bind-sdb-9.8.2-0.37.rc1.el6_7.4")) flag++;
if (rpm_check(release:"EL6", reference:"bind-utils-9.8.2-0.37.rc1.el6_7.4")) flag++;

if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-chroot-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-devel-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-libs-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-libs-lite-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-license-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-lite-devel-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-sdb-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-sdb-chroot-9.9.4-18.el7_1.5")) flag++;
if (rpm_check(release:"EL7", cpu:"x86_64", reference:"bind-utils-9.9.4-18.el7_1.5")) flag++;


if (flag)
{
  if (report_verbosity &gt; 0) security_hole(port:0, extra:rpm_report_get());
  else security_hole(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "bind / bind-chroot / bind-devel / bind-libs / bind-libs-lite / etc");
}

JSON Vulners Source

Initial Source

{"id": "ORACLELINUX_ELSA-2015-1705.NASL", "bulletinFamily": "scanner", "title": "Oracle Linux 6 / 7 : bind (ELSA-2015-1705)", "description": "From Red Hat Security Advisory 2015:1705 :\n\nUpdated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "published": "2015-09-04T00:00:00", "modified": "2015-09-04T00:00:00", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://www.tenable.com/plugins/nessus/85777", "reporter": "This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://oss.oracle.com/pipermail/el-errata/2015-September/005381.html", "https://oss.oracle.com/pipermail/el-errata/2015-September/005382.html"], "cvelist": ["CVE-2015-5722"], "type": "nessus", "lastseen": "2021-01-17T12:50:10", "edition": 24, "viewCount": 3, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2015-5722"]}, {"type": "f5", "idList": ["SOL17181", "F5:K17181"]}, {"type": "oraclelinux", "idList": ["ELSA-2015-1705", "ELSA-2015-1706", "ELSA-2015-1707"]}, {"type": "suse", "idList": ["SUSE-SU-2015:1481-1", "OPENSUSE-SU-2015:1667-1", "SUSE-SU-2015:1496-1", "SUSE-SU-2015:1480-1", "OPENSUSE-SU-2015:1597-1"]}, {"type": "redhat", "idList": ["RHSA-2016:0078", "RHSA-2016:0079", "RHSA-2015:1707", "RHSA-2015:1705", "RHSA-2015:1706"]}, {"type": "centos", "idList": ["CESA-2015:1706", "CESA-2015:1707", "CESA-2015:1705"]}, {"type": "fedora", "idList": ["FEDORA:435A16087589", "FEDORA:4E4776087597", "FEDORA:6CE376075494", "FEDORA:29344605F21A", "FEDORA:980D66087918", "FEDORA:687B46087671", "FEDORA:4CBF7613436F", "FEDORA:77F1260D3010"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14669", "SECURITYVULNS:DOC:32569", "SECURITYVULNS:DOC:32483"]}, {"type": "aix", "idList": ["BIND_ADVISORY9.ASC"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310882273", "OPENVAS:1361412562310871445", "OPENVAS:1361412562310850868", "OPENVAS:1361412562310869987", "OPENVAS:1361412562310842426", "OPENVAS:1361412562310123014", "OPENVAS:1361412562310703350", "OPENVAS:1361412562310871443", "OPENVAS:1361412562310869928", "OPENVAS:1361412562310123012"]}, {"type": "freebsd", "idList": ["EAF3B255-5245-11E5-9AD8-14DAE9D210B8"]}, {"type": "nessus", "idList": ["SUSE_SU-2015-1480-1.NASL", "AIX_IV78094.NASL", "DEBIAN_DLA-308.NASL", "AIX_IV78095.NASL", "ORACLELINUX_ELSA-2015-1707.NASL", "SL_20150903_BIND_ON_SL6_X.NASL", "UBUNTU_USN-2728-1.NASL", "SL_20150903_BIND_ON_SL5_X.NASL", "CENTOS_RHSA-2015-1707.NASL", "REDHAT-RHSA-2015-1707.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3350-1:DDF3B", "DEBIAN:DLA-308-1:0986C"]}, {"type": "ubuntu", "idList": ["USN-2728-1"]}, {"type": "archlinux", "idList": ["ASA-201509-2"]}, {"type": "slackware", "idList": ["SSA-2015-245-01"]}, {"type": "amazon", "idList": ["ALAS-2015-594"]}], "modified": "2021-01-17T12:50:10", "rev": 2}, "score": {"value": 5.8, "vector": "NONE", "modified": "2021-01-17T12:50:10", "rev": 2}, "vulnersScore": 5.8}, "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1705 and \n# Oracle Linux Security Advisory ELSA-2015-1705 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85777);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5722\");\n script_xref(name:\"RHSA\", value:\"2015:1705\");\n\n script_name(english:\"Oracle Linux 6 / 7 : bind (ELSA-2015-1705)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1705 :\n\nUpdated bind packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 6 and 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-September/005381.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-September/005382.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6 / 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"bind-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-chroot-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-devel-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-libs-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-sdb-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"bind-utils-9.8.2-0.37.rc1.el6_7.4\")) flag++;\n\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-chroot-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-devel-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-libs-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-libs-lite-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-license-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-lite-devel-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-sdb-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-sdb-chroot-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"bind-utils-9.9.4-18.el7_1.5\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-devel / bind-libs / bind-libs-lite / etc\");\n}\n", "naslFamily": "Oracle Linux Local Security Checks", "pluginID": "85777", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:bind-chroot", "p-cpe:/a:oracle:linux:bind-sdb", "p-cpe:/a:oracle:linux:bind", "p-cpe:/a:oracle:linux:bind-devel", "p-cpe:/a:oracle:linux:bind-license", "p-cpe:/a:oracle:linux:bind-utils", "p-cpe:/a:oracle:linux:bind-libs", "p-cpe:/a:oracle:linux:bind-lite-devel", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:bind-libs-lite", "p-cpe:/a:oracle:linux:bind-sdb-chroot"], "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:21:27", "description": "buffer.c in named in ISC BIND 9.x before 9.9.7-P3 and 9.10.x before 9.10.2-P4 allows remote attackers to cause a denial of service (assertion failure and daemon exit) by creating a zone containing a malformed DNSSEC key and issuing a query for a name in that zone.", "edition": 7, "cvss3": {}, "published": "2015-09-05T02:59:00", "title": "CVE-2015-5722", "type": "cve", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5722"], "modified": "2016-12-31T02:59:00", "cpe": ["cpe:/a:isc:bind:9.10.2", "cpe:/a:isc:bind:9.9.7", "cpe:/o:apple:mac_os_x_server:5.0.15"], "id": "CVE-2015-5722", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5722", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:isc:bind:9.10.2:p3:*:*:*:*:*:*", "cpe:2.3:o:apple:mac_os_x_server:5.0.15:*:*:*:*:*:*:*", "cpe:2.3:a:isc:bind:9.9.7:p2:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:40:34", "bulletinFamily": "software", "cvelist": ["CVE-2015-5722"], "description": "\nF5 Product Development has assigned ID 540846 (BIG-IP), ID 542976 (BIG-IQ), and ID 542970 (Enterprise Manager) to this vulnerability, and has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table.\n\nProduct | Versions known to be vulnerable | Versions known to be not vulnerable | Severity | Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM | 12.0.01,2 \n11.2.0 - 11.6.01,2 \n11.0.0 - 11.1.01 \n10.1.0 - 10.2.41 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP AAM | 12.0.01 \n11.4.0 - 11.6.01 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 | High | BIND \nBIG-IP AFM | 12.0.01 \n11.3.0 - 11.6.01 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 | High | BIND \nBIG-IP Analytics | 12.0.01 \n11.0.0 - 11.6.01 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP APM | 12.0.01 \n11.0.0 - 11.6.01 \n10.1.0 - 10.2.41 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP ASM | 12.0.01 \n11.0.0 - 11.6.01 \n10.1.0 - 10.2.41 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP DNS | 12.0.01,2,3 | 12.1.0 \n12.0.0 HF1 | High | BIND \nBIG-IP Edge Gateway | 11.0.0 - 11.3.01 \n10.1.0 - 10.2.41 | 11.2.1 HF16 | High | BIND \nBIG-IP GTM | 11.2.0 - 11.6.01,2,3 \n11.0.0 - 11.1.01,3 \n10.1.0 - 10.2.41,3 | 11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP Link Controller | 12.0.01,2,3 \n11.2.0 - 11.6.01,2,3 \n11.0.0 - 11.1.01,3 \n10.1.0 - 10.2.41,3 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 \n11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP PEM | 12.0.01 \n11.3.0 - 11.6.01 | 12.1.0 \n12.0.0 HF1 \n11.6.1 \n11.6.0 HF6 \n11.5.4 | High | BIND \nBIG-IP PSM | 11.0.0 - 11.4.1 HF9 \n10.1.0 - 10.2.41 | 11.4.1 HF10 \n11.2.1 HF16 | High | BIND \nBIG-IP WebAccelerator | 11.0.0 - 11.3.01 \n10.1.0 - 10.2.41 | 11.2.1 HF16 | High | BIND \nBIG-IP WOM | 11.0.0 - 11.3.01 \n10.1.0 - 10.2.41 | 11.2.1 HF16 | High | BIND \nARX | None | 6.0.0 - 6.4.0 | Not vulnerable | None \nEnterprise Manager | 3.0.0 - 3.1.14 | None | Low | BIND \nFirePass | None | 7.0.0 \n6.0.0 - 6.1.0 | Not vulnerable | None \nBIG-IQ Cloud | 4.0.0 - 4.5.04 | None | Low | BIND \nBIG-IQ Device | 4.2.0 - 4.5.04 | None | Low | BIND \nBIG-IQ Security | 4.0.0 - 4.5.04 | None | Low | BIND \nBIG-IQ ADC | 4.5.04 | None | Low | BIND \nLineRate | None | 2.5.0 - 2.6.1 | Not vulnerable | None \nF5 WebSafe | None | 1.0.0 | Not vulnerable | None \nTraffix SDC | None | 4.0.0 - 4.4.0 \n3.3.2 - 3.5.1 | Not vulnerable | None \n \n1These versions are vulnerable if the BIND service has been configured to listen on a self IP address, virtual server, or management IP address (typically on port 53), and the BIND configuration (**named.conf**) has been modified to enable DNSSEC validation with the **dnssec-validation yes; **setting (not enabled by default). \n2These versions are vulnerable if a DNS profile is configured with the **Use BIND Server on BIG-IP** option (enabled by default) and applied to a virtual server, and the BIND configuration (**named.conf**) has been modified to enable _DNSSEC_ validation with the **dnssec-validation yes; **setting (not enabled by default). \n3These versions are vulnerable if configured with a pool that uses the **Return to DNS** load balancing method or when the pool's **Alternate** and **Fallback** load balancing methods are set to **None**, and all pools associated with the wide-IP are unavailable, and the BIND configuration (**named.conf**) has been modified to enable _DNSSEC_** **validation with the **dnssec-validation yes; **setting (not enabled by default). \n4 These versions of the BIG-IQ system and Enterprise Manager system are not vulnerable in their default configuration. However, these versions are vulnerable if the BIND service has been configured to listen on the Management Port or self IP address, and the BIND configuration (**named.conf**) has been modified to enable** **_DNSSEC_ validation with the **dnssec-validation yes;** setting (not enabled by default).\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nIf you require DNSSEC validation, there is no mitigation for this issue. However, if you have manually enabled the DNSSEC validation feature in the BIND configuration but do not require DNSSEC validation, you can mitigate this vulnerability by disabling/removing this feature in/from the BIND configuration. For more information about BIND's DNSSEC validation, refer to the official documentation [BIND DNSSEC Guide](<https://ftp.isc.org/isc/dnssec-guide/dnssec-guide.pdf>) from Internet Systems Consortium (ISC).\n\n**Note: **The previous link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 13.x)](<https://support.f5.com/csp/article/K13123>)\n", "edition": 1, "modified": "2019-05-08T18:50:00", "published": "2015-09-03T21:56:00", "id": "F5:K17181", "href": "https://support.f5.com/csp/article/K17181", "title": "BIND vulnerability CVE-2015-5722", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2016-09-26T17:23:06", "bulletinFamily": "software", "cvelist": ["CVE-2015-5722"], "edition": 1, "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nIf you require DNSSEC validation, there is no mitigation for this issue. However, if you have manually enabled the DNSSEC validation feature in the BIND configuration but do not require DNSSEC validation, you can mitigate this vulnerability by disabling/removing this feature in/from the BIND configuration. For more information about BIND's DNSSEC validation, refer to the official documentation [BIND DNSSEC Guide](<http://users.isc.org/~jreed/dnssec-guide/dnssec-guide.html>) from Internet Systems Consortium (ISC).\n\n**Note: **The previous link takes you to a resource outside of AskF5. The third party could remove the document without our knowledge.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n", "modified": "2016-08-16T00:00:00", "published": "2015-09-09T00:00:00", "href": "http://support.f5.com/kb/en-us/solutions/public/17000/100/sol17181.html", "id": "SOL17181", "title": "SOL17181 - BIND vulnerability CVE-2015-5722", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:36:02", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "[32:9.8.2-0.37.rc1.4]\n- Apply previously not applied patch for CVE-2015-5722\n[32:9.8.2-0.37.rc1.3]\n- Fix CVE-2015-5722", "edition": 4, "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "ELSA-2015-1705", "href": "http://linux.oracle.com/errata/ELSA-2015-1705.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:59", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5477", "CVE-2015-5722", "CVE-2014-8500"], "description": "[32:9.7.0-21.P2.3]\n- Fix CVE-2015-5722\n[32:9.7.0-21.P2.2]\n- Fix CVE-2015-5477\n[32:9.7.0-21.P2.1]\n- Fix CVE-2014-8500 (#1171972)", "edition": 4, "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "ELSA-2015-1707", "href": "http://linux.oracle.com/errata/ELSA-2015-1707.html", "title": "bind97 security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:43", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5477", "CVE-2015-5722", "CVE-2014-8500"], "description": "[30:9.3.6-25.P1.4]\n- Fix CVE-2015-5722\n[30:9.3.6-25.P1.3]\n- Fix CVE-2015-5477\n[30:9.3.6-25.P1.2]\n- Remove files backup after patching (Related: #1171971)\n[30:9.3.6-25.P1.1]\n- Fix CVE-2014-8500 (#1171971)", "edition": 4, "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "ELSA-2015-1706", "href": "http://linux.oracle.com/errata/ELSA-2015-1706.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:03", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5477", "CVE-2015-8000", "CVE-2015-5722", "CVE-2014-8500"], "description": "[30:9.3.6-25.P1.5]\n- Fix CVE-2015-8000\n[30:9.3.6-25.P1.4]\n- Fix CVE-2015-5722\n[30:9.3.6-25.P1.3]\n- Fix CVE-2015-5477\n[30:9.3.6-25.P1.2]\n- Remove files backup after patching (Related: #1171971)\n[30:9.3.6-25.P1.1]\n- Fix CVE-2014-8500 (#1171971)", "edition": 4, "modified": "2015-12-16T00:00:00", "published": "2015-12-16T00:00:00", "id": "ELSA-2015-2656", "href": "http://linux.oracle.com/errata/ELSA-2015-2656.html", "title": "bind security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2016-09-04T11:57:33", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The nameserver bind was updated to fix a remote denial of service (crash)\n attack against bind nameservers doing validation on DNSSEC signed records.\n (CVE-2015-5722, bsc#944066).\n\n", "edition": 1, "modified": "2015-09-04T18:09:48", "published": "2015-09-04T18:09:48", "id": "SUSE-SU-2015:1496-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00012.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:29:54", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "BIND was updated to fix a denial of service against servers performing\n validation on DNSSEC-signed records (CVE-2015-5722, bsc#944066).\n\n", "edition": 1, "modified": "2015-09-22T11:11:27", "published": "2015-09-22T11:11:27", "id": "OPENSUSE-SU-2015:1597-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00020.html", "type": "suse", "title": "Security update for bind (important)", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:32:37", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "BIND was updated to fix a denial of service against servers performing\n validation on DNSSEC-signed records (CVE-2015-5722, bsc#944066).\n\n", "edition": 1, "modified": "2015-10-01T22:09:50", "published": "2015-10-01T22:09:50", "id": "OPENSUSE-SU-2015:1667-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00002.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T11:26:30", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The nameserver bind was updated to fix a remote denial of service (crash)\n attack against bind nameservers doing validation on DNSSEC signed records.\n (CVE-2015-5722, bsc#944066).\n\n", "edition": 1, "modified": "2015-09-02T23:09:49", "published": "2015-09-02T23:09:49", "id": "SUSE-SU-2015:1480-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00005.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2016-09-04T12:22:47", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The nameserver bind was updated to fix a remote denial of service (crash)\n attack against bind nameservers doing validation on DNSSEC signed records.\n (CVE-2015-5722, bsc#944066).\n\n", "edition": 1, "modified": "2015-09-02T23:10:21", "published": "2015-09-02T23:10:21", "id": "SUSE-SU-2015:1481-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00006.html", "title": "Security update for bind (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "redhat": [{"lastseen": "2019-08-13T18:44:57", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T11:49:02", "published": "2015-09-03T04:00:00", "id": "RHSA-2015:1707", "href": "https://access.redhat.com/errata/RHSA-2015:1707", "type": "redhat", "title": "(RHSA-2015:1707) Important: bind97 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:13", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n", "modified": "2017-09-08T12:10:49", "published": "2015-09-03T04:00:00", "id": "RHSA-2015:1706", "href": "https://access.redhat.com/errata/RHSA-2015:1706", "type": "redhat", "title": "(RHSA-2015:1706) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:44:37", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno B\u00f6ck as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "modified": "2018-06-06T20:24:30", "published": "2015-09-03T04:00:00", "id": "RHSA-2015:1705", "href": "https://access.redhat.com/errata/RHSA-2015:1705", "type": "redhat", "title": "(RHSA-2015:1705) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-13T18:46:29", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5477", "CVE-2015-5722", "CVE-2015-8000"], "description": "The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA flaw was found in the way BIND handled requests for TKEY DNS resource\nrecords. A remote attacker could use this flaw to make named (functioning\nas an authoritative DNS server or a DNS resolver) exit unexpectedly with an\nassertion failure via a specially crafted DNS request packet.\n(CVE-2015-5477)\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nA denial of service flaw was found in the way BIND processed certain\nrecords with malformed class attributes. A remote attacker could use this\nflaw to send a query to request a cached record with a malformed class\nattribute that would cause named functioning as an authoritative or\nrecursive server to crash. (CVE-2015-8000)\n\nNote: This issue affects authoritative servers as well as recursive\nservers, however authoritative servers are at limited risk if they perform\nauthentication when making recursive queries to resolve addresses for\nservers listed in NS RRSETs.\n\nRed Hat would like to thank ISC for reporting the CVE-2015-5477,\nCVE-2015-5722, and CVE-2015-8000 issues. Upstream acknowledges Jonathan\nFoote as the original reporter of CVE-2015-5477, and Hanno B\u00f6ck as the\noriginal reporter of CVE-2015-5722.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.", "modified": "2016-09-04T02:18:39", "published": "2016-01-28T05:00:00", "id": "RHSA-2016:0079", "href": "https://access.redhat.com/errata/RHSA-2016:0079", "type": "redhat", "title": "(RHSA-2016:0079) Important: bind security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:54", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1707\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-September/033407.html\n\n**Affected packages:**\nbind97\nbind97-chroot\nbind97-devel\nbind97-libs\nbind97-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1707.html", "edition": 3, "modified": "2015-09-03T10:20:47", "published": "2015-09-03T10:20:47", "href": "http://lists.centos.org/pipermail/centos-announce/2015-September/033407.html", "id": "CESA-2015:1707", "title": "bind97 security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:28:38", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1706\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-September/033408.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libbind-devel\nbind-libs\nbind-sdb\nbind-utils\ncaching-nameserver\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1706.html", "edition": 3, "modified": "2015-09-03T10:22:24", "published": "2015-09-03T10:22:24", "href": "http://lists.centos.org/pipermail/centos-announce/2015-September/033408.html", "id": "CESA-2015:1706", "title": "bind, caching security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-12-20T18:26:13", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "**CentOS Errata and Security Advisory** CESA-2015:1705\n\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named); a resolver\nlibrary (routines for applications to use when interfacing with DNS); and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno B\u00f6ck as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-September/033405.html\nhttp://lists.centos.org/pipermail/centos-announce/2015-September/033410.html\n\n**Affected packages:**\nbind\nbind-chroot\nbind-devel\nbind-libs\nbind-libs-lite\nbind-license\nbind-lite-devel\nbind-sdb\nbind-sdb-chroot\nbind-utils\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1705.html", "edition": 3, "modified": "2015-09-03T10:59:36", "published": "2015-09-03T10:17:26", "href": "http://lists.centos.org/pipermail/centos-announce/2015-September/033405.html", "id": "CESA-2015:1705", "title": "bind security update", "type": "centos", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "This is dnsperf, a collection of DNS server performance testing tools. For more information, see the dnsperf(1) and resperf(1) man pages. ", "modified": "2015-09-06T17:10:22", "published": "2015-09-06T17:10:22", "id": "FEDORA:687B46087671", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: dnsperf-2.0.0.0-18.fc23", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-09-06T17:10:22", "published": "2015-09-06T17:10:22", "id": "FEDORA:435A16087589", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind-9.10.3-0.1.rc1.fc23", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-09-09T23:22:35", "published": "2015-09-09T23:22:35", "id": "FEDORA:77F1260D3010", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: bind-9.10.2-5.P4.fc22", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "This package provides an LDAP back-end plug-in for BIND. It features support for dynamic updates and internal caching, to lift the load off of your LDAP server. ", "modified": "2015-09-06T17:10:22", "published": "2015-09-06T17:10:22", "id": "FEDORA:4E4776087597", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind-dyndb-ldap-8.0-3.fc23", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating properly. ", "modified": "2015-10-04T23:22:17", "published": "2015-10-04T23:22:17", "id": "FEDORA:6CE376075494", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: bind-9.9.6-11.P1.fc21", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2015-09-24T08:36:06", "published": "2015-09-24T08:36:06", "id": "FEDORA:4CBF7613436F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 22 Update: bind99-9.9.7-7.P3.fc22", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2015-09-06T17:16:35", "published": "2015-09-06T17:16:35", "id": "FEDORA:29344605F21A", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind99-9.9.7-7.P3.fc23", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:53", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. This package set contains only export version of BIND libraries, that are used for building ISC DHCP. ", "modified": "2015-09-06T01:41:49", "published": "2015-09-06T01:41:49", "id": "FEDORA:980D66087918", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 23 Update: bind99-9.9.7-7.P3.fc23", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:11:01", "bulletinFamily": "software", "cvelist": ["CVE-2015-5722"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2728-1\r\nSeptember 02, 2015\r\n\r\nbind9 vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 15.04\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nBind could be made to crash if it received specially crafted network\r\ntraffic.\r\n\r\nSoftware Description:\r\n- bind9: Internet Domain Name Server\r\n\r\nDetails:\r\n\r\nHanno Bock discovered that Bind incorrectly handled certain malformed keys\r\nwhen configured to perform DNSSEC validation. A remote attacker could use\r\nthis issue with specially crafted zone data to cause Bind to crash,\r\nresulting in a denial of service.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 15.04:\r\n bind9 1:9.9.5.dfsg-9ubuntu0.3\r\n\r\nUbuntu 14.04 LTS:\r\n bind9 1:9.9.5.dfsg-3ubuntu0.5\r\n\r\nUbuntu 12.04 LTS:\r\n bind9 1:9.8.1.dfsg.P1-4ubuntu0.13\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2728-1\r\n CVE-2015-5722\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-9ubuntu0.3\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.9.5.dfsg-3ubuntu0.5\r\n https://launchpad.net/ubuntu/+source/bind9/1:9.8.1.dfsg.P1-4ubuntu0.13\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "SECURITYVULNS:DOC:32483", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32483", "title": "[USN-2728-1] Bind vulnerability", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-5722"], "description": "Crash on DNS SEC validation.", "edition": 1, "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "SECURITYVULNS:VULN:14669", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:14669", "title": "ISC bind named DoS", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:11:02", "bulletinFamily": "software", "cvelist": ["CVE-2015-5722", "CVE-2015-7031", "CVE-2015-5986"], "description": "\r\n\r\nAPPLE-SA-2015-10-21-8 OS X Server 5.0.15\r\n\r\nOS X Server 5.0.15 is now available and addresses the following:\r\n\r\nBIND\r\nAvailable for: OS X Yosemite 10.10.5,\r\nOS X El Capitan 10.11.1 or later\r\nImpact: Multiple vulnerabilities in BIND\r\nDescription: Multiple vulnerabilities existed in BIND versions prior\r\nto 9.9.7-P3, one of which may have allowed a remote attacker to cause\r\na denial of service. These issues were addressed by updating BIND to\r\nversion 9.9.7-P3.\r\nCVE-ID\r\nCVE-2015-5722 : Hanno Bock from the Fuzzing Project\r\nCVE-2015-5986\r\n\r\nWeb Service\r\nAvailable for: OS X Yosemite 10.10.5,\r\nOS X El Capitan 10.11.1 or later\r\nImpact: A remote attacker may be able to bypass access restrictions\r\nDescription: An HTTP header field reference was missing from the\r\nconfiguration files. This issue was addressed by adding the HTTP\r\nheader field reference to the configuration file.\r\nCVE-ID\r\nCVE-2015-7031 : an anonymous researcher\r\n\r\nInstallation note:\r\n\r\nOS X Server 5.0.15 may be obtained from the Mac App Store.\r\n\r\nInformation will also be posted to the Apple Security Updates\r\nweb site: https://support.apple.com/kb/HT201222\r\n\r\nThis message is signed with Apple's Product Security PGP key,\r\nand details are available at:\r\nhttps://www.apple.com/support/security/pgp/\r\n\r\n", "edition": 1, "modified": "2015-10-25T00:00:00", "published": "2015-10-25T00:00:00", "id": "SECURITYVULNS:DOC:32569", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:32569", "title": "APPLE-SA-2015-10-21-8 OS X Server 5.0.15", "type": "securityvulns", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "aix": [{"lastseen": "2020-04-22T00:52:09", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Tues Nov 3 09:00:00 CDT 2015 \n\nThe most recent version of this document is available here:\n\nhttp://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc\nhttps://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc\nftp://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc\n\n\nSecurity Bulletin: Vulnerability in bind affects AIX (CVE-2015-5722)\n\n\n===============================================================================\n\nSUMMARY:\n\n ISC BIND is vulnerable to a denial of service, caused by the exit of a \n validating resolver due to an assertion failure in buffer.c. By \n parsing a malformed DNSSEC key, a remote attacker could exploit this \n vulnerability to cause a denial of service. \n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n CVEID: CVE-2015-5722\n DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by the \n exit of a validating resolver due to an assertion failure in \n buffer.c. By parsing a malformed DNSSEC key, a remote attacker could \n exploit this vulnerability to cause a denial of service.\n CVSS Base Score: 7.5 \n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/106089 for the\n current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:C)\n\n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 5.3, 6.1, 7.1\n VIOS 2.2.x\n\n The following AIX fileset levels are vulnerable:\n\n AIX Fileset Lower Level Upper Level KEY\n --------------------------------------------------------\n bos.net.tcp.client 5.3.12.0 5.3.12.10 key_w_fs\n bos.net.tcp.client 6.1.8.0 6.1.8.20 key_w_fs\n bos.net.tcp.client 6.1.9.0 6.1.9.45 key_w_fs\n bos.net.tcp.client 7.1.2.0 7.1.2.20 key_w_fs\n bos.net.tcp.client 7.1.3.0 7.1.3.45 key_w_fs\n\n AIX Fileset (VIOS) Lower Level Upper Level\n ------------------------------------------------------------\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.8.20(2.2.2.70)\n bos.net.tcp.client 6.1.0.0(2.2.0.0) 6.1.9.45(2.2.3.50)\n\n Note: to find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n AIX Level APAR Availability SP KEY\n ---------------------------------------------------\n 5.3.12 IV78092 N/A key_w_apar\n 6.1.8 IV78096 N/A key_w_apar\n 6.1.9 IV78091 12/04/15 SP6 key_w_apar\n 7.1.2 IV78094 N/A key_w_apar\n 7.1.3 IV78095 2/26/16 SP6 key_w_apar\n\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IV78091\n http://www.ibm.com/support/docview.wss?uid=isg1IV78095\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n Fixes are available.\n \n The fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/bind_fix9.tar\n http://aix.software.ibm.com/aix/efixes/security/bind_fix9.tar\n https://aix.software.ibm.com/aix/efixes/security/bind_fix9.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n\n AIX Level Interim Fix (*.Z) KEY\n ------------------------------------------------\n 5.3.12.9 IV78092m9a.151103.epkg.Z key_w_fix\n 6.1.8.7 IV78096m7a.151021.epkg.Z key_w_fix\n 6.1.9.5 IV78091m5a.151020.epkg.Z key_w_fix\n 7.1.2.7 IV78094m7a.151020.epkg.Z key_w_fix\n 7.1.3.5 IV78095m5a.151019.epkg.Z key_w_fix\n\n VIOS Level Interim Fix (*.Z) KEY\n ------------------------------------------------\n 2.2.2.70 IV78096m7a.151021.epkg.Z key_w_fix\n 2.2.3.50 IV78091m5a.151020.epkg.Z key_w_fix\n\n\n To extract the fixes from the tar file:\n\n tar xvf bind_fix9.tar\n cd bind_fix9\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the followng:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 404c44a81b43cb8cacab75e732bc7c8eca27a869a137c619294fb3b91cf9f99c IV78092m9a.151103.epkg.Z key_w_csum\n c2d3210404653dd91298efe732cb9b87ab0db9c6470f8c1ca540482b01690013 IV78096m7a.151021.epkg.Z key_w_csum\n 95cb6237a23f136ae81f647d01f54a72c63594f8d8dcd4ff323523f096e01047 IV78091m5a.151020.epkg.Z key_w_csum\n 8b10bce53ed6e225e29c8aa3663463d8320fe798c7b02740ba3b457ad294bb56 IV78094m7a.151020.epkg.Z key_w_csum\n ccc6e8abe8bf25e42fb08e4754f1b3e89d60c40bc73be4cec8a24af034c84c83 IV78095m5a.151019.epkg.Z key_w_csum\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM AIX Security at\n security-alert@austin.ibm.com and describe the discrepancy.\n \n openssl dgst -sha1 -verify <pubkey_file> -signature <advisory_file>.sig <advisory_file>\n\n openssl dgst -sha1 -verify <pubkey_file> -signature <ifix_file>.sig <ifix_file>\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n IMPORTANT: If possible, it is recommended that a mksysb backup\n of the system be created. Verify it is both bootable and\n readable before proceeding.\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Comments regarding the content of this announcement can be\n directed to:\n\n security-alert@austin.ibm.com\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n http://www.ibm.com/systems/resources/systems_p_os_aix_security_pubkey.txt\n\n To obtain the PGP public key that can be used to communicate\n securely with the AIX Security Team via security-alert@austin.ibm.com you\n can either:\n\n A. Download the key from our web page:\n\nhttp://www.ibm.com/systems/resources/systems_p_os_aix_security_pgppubkey.txt\n\n B. Download the key from a PGP Public Key Server. The key ID is:\n\n 0x28BFAA12\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS Guide: http://www.first.org/cvss/cvss-guide.html\n On-line Calculator V2:\n http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2\n\n\nACKNOWLEDGEMENTS:\n\n None \n\n\nCHANGE HISTORY:\n\n First Issued: Tues Nov 3 09:00:00 CDT 2015\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n", "edition": 16, "modified": "2015-11-03T09:00:00", "published": "2015-11-03T09:00:00", "id": "BIND_ADVISORY9.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc", "title": "Vulnerability in BIND affects AIX,Vulnerability in BIND affects VIOS", "type": "aix", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-05-29T18:33:05", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "\nISC reports:\n\nParsing a malformed DNSSEC key can cause a validating\n\t resolver to exit due to a failed assertion in buffer.c. It is possible\n\t for a remote attacker to deliberately trigger this condition, for\n\t example by using a query which requires a response from a zone\n\t containing a deliberately malformed key.\n\n", "edition": 4, "modified": "2016-08-09T00:00:00", "published": "2015-08-19T00:00:00", "id": "EAF3B255-5245-11E5-9AD8-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/eaf3b255-5245-11e5-9ad8-14dae9d210b8.html", "title": "bind -- denial of service vulnerability", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-06T09:17:45", "description": "ISC BIND is vulnerable to a denial of service, caused by the exit of a\nvalidating resolver due to an assertion failure in buffer.c. By\nparsing a malformed DNSSEC key, a remote attacker could exploit this\nvulnerability to cause a denial of service.", "edition": 23, "published": "2015-11-06T00:00:00", "title": "AIX 7.1 TL 2 : bind (IV78094)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-11-06T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV78094.NASL", "href": "https://www.tenable.com/plugins/nessus/86767", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind_advisory9.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86767);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"AIX 7.1 TL 2 : bind (IV78094)\");\n script_summary(english:\"Check for APAR IV78094\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC BIND is vulnerable to a denial of service, caused by the exit of a\nvalidating resolver due to an assertion failure in buffer.c. By\nparsing a malformed DNSSEC key, a remote attacker could exploit this\nvulnerability to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"07\", patch:\"IV78094m7a\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.2.0\", maxfilesetver:\"7.1.2.20\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:50:10", "description": "From Red Hat Security Advisory 2015:1707 :\n\nUpdated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 24, "published": "2015-09-04T00:00:00", "title": "Oracle Linux 5 : bind97 (ELSA-2015-1707)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-04T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:bind97-utils", "p-cpe:/a:oracle:linux:bind97-chroot", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:bind97-devel", "p-cpe:/a:oracle:linux:bind97-libs", "p-cpe:/a:oracle:linux:bind97"], "id": "ORACLELINUX_ELSA-2015-1707.NASL", "href": "https://www.tenable.com/plugins/nessus/85779", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1707 and \n# Oracle Linux Security Advisory ELSA-2015-1707 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85779);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5722\");\n script_xref(name:\"RHSA\", value:\"2015:1707\");\n\n script_name(english:\"Oracle Linux 5 : bind97 (ELSA-2015-1707)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1707 :\n\nUpdated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-September/005384.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"bind97-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-chroot-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-devel-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-libs-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"bind97-utils-9.7.0-21.P2.el5_11.3\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-07T14:22:59", "description": "The nameserver bind was updated to fix a remote denial of service\n(crash) attack against bind nameservers doing validation on DNSSEC\nsigned records. (CVE-2015-5722, bsc#944066).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 26, "published": "2015-09-04T00:00:00", "title": "SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:1480-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-04T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:bind-devel", "p-cpe:/a:novell:suse_linux:bind-chrootenv", "p-cpe:/a:novell:suse_linux:bind", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:bind-doc", "p-cpe:/a:novell:suse_linux:bind-utils", "p-cpe:/a:novell:suse_linux:bind-libs"], "id": "SUSE_SU-2015-1480-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85793", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2015:1480-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85793);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"SUSE SLED11 / SLES11 Security Update : bind (SUSE-SU-2015:1480-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The nameserver bind was updated to fix a remote denial of service\n(crash) attack against bind nameservers doing validation on DNSSEC\nsigned records. (CVE-2015-5722, bsc#944066).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=944066\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2015-5722/\"\n );\n # https://www.suse.com/support/update/announcement/2015/suse-su-20151480-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b019894d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4 :\n\nzypper in -t patch sdksp4-bind-12067=1\n\nSUSE Linux Enterprise Software Development Kit 11-SP3 :\n\nzypper in -t patch sdksp3-bind-12067=1\n\nSUSE Linux Enterprise Server for VMWare 11-SP3 :\n\nzypper in -t patch slessp3-bind-12067=1\n\nSUSE Linux Enterprise Server 11-SP4 :\n\nzypper in -t patch slessp4-bind-12067=1\n\nSUSE Linux Enterprise Server 11-SP3 :\n\nzypper in -t patch slessp3-bind-12067=1\n\nSUSE Linux Enterprise Server 11-SP2-LTSS :\n\nzypper in -t patch slessp2-bind-12067=1\n\nSUSE Linux Enterprise Desktop 11-SP4 :\n\nzypper in -t patch sledsp4-bind-12067=1\n\nSUSE Linux Enterprise Desktop 11-SP3 :\n\nzypper in -t patch sledsp3-bind-12067=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4 :\n\nzypper in -t patch dbgsp4-bind-12067=1\n\nSUSE Linux Enterprise Debuginfo 11-SP3 :\n\nzypper in -t patch dbgsp3-bind-12067=1\n\nSUSE Linux Enterprise Debuginfo 11-SP2 :\n\nzypper in -t patch dbgsp2-bind-12067=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-chrootenv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED11|SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED11 / SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED11\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED11 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", cpu:\"s390x\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"bind-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"bind-chrootenv-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"bind-doc-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", cpu:\"s390x\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"bind-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"bind-chrootenv-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"bind-doc-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"3\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", cpu:\"s390x\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-chrootenv-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-devel-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-doc-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"2\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"4\", cpu:\"i586\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"x86_64\", reference:\"bind-libs-32bit-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"bind-libs-9.9.6P1-0.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:\"3\", cpu:\"i586\", reference:\"bind-utils-9.9.6P1-0.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-12T09:43:37", "description": "Hanno Böck from the Fuzzing Project discovered that incorrect\nvalidation of DNSSEC-signed records in the Bind DNS server could\nresult in denial of service.\n\nFor Debian 6 'Squeeze', this issue has been fixed in bind9\nversion 1:9.7.3.dfsg-1~squeeze17. We recomend you to upgrade your\nbind9 packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.", "edition": 15, "published": "2015-09-10T00:00:00", "title": "Debian DLA-308-1 : bind9 security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-10T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dnsutils", "cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libisccfg62", "p-cpe:/a:debian:debian_linux:bind9", "p-cpe:/a:debian:debian_linux:host", "p-cpe:/a:debian:debian_linux:libdns69", "p-cpe:/a:debian:debian_linux:libisccc60", "p-cpe:/a:debian:debian_linux:libbind-dev", "p-cpe:/a:debian:debian_linux:libisc62", "p-cpe:/a:debian:debian_linux:libbind9-60", "p-cpe:/a:debian:debian_linux:bind9-host", "p-cpe:/a:debian:debian_linux:bind9-doc", "p-cpe:/a:debian:debian_linux:liblwres60", "p-cpe:/a:debian:debian_linux:lwresd", "p-cpe:/a:debian:debian_linux:bind9utils"], "id": "DEBIAN_DLA-308.NASL", "href": "https://www.tenable.com/plugins/nessus/85888", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-308-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85888);\n script_version(\"2.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"Debian DLA-308-1 : bind9 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hanno Böck from the Fuzzing Project discovered that incorrect\nvalidation of DNSSEC-signed records in the Bind DNS server could\nresult in denial of service.\n\nFor Debian 6 'Squeeze', this issue has been fixed in bind9\nversion 1:9.7.3.dfsg-1~squeeze17. We recomend you to upgrade your\nbind9 packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/09/msg00003.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/bind9\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://wiki.debian.org/LTS/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:bind9utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dnsutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbind-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libbind9-60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdns69\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisc62\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccc60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libisccfg62\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:liblwres60\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lwresd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"bind9\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-doc\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9-host\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"bind9utils\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"dnsutils\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"host\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind-dev\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libbind9-60\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libdns69\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisc62\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccc60\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libisccfg62\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"liblwres60\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"lwresd\", reference:\"1:9.7.3.dfsg-1~squeeze17\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:48:59", "description": "A denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 14, "published": "2015-09-04T00:00:00", "title": "Scientific Linux Security Update : bind on SL5.x i386/x86_64 (20150903)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-debuginfo", "p-cpe:/a:fermilab:scientific_linux:bind-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-libbind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-utils", "p-cpe:/a:fermilab:scientific_linux:bind-libs", "p-cpe:/a:fermilab:scientific_linux:caching-nameserver", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind-sdb", "p-cpe:/a:fermilab:scientific_linux:bind"], "id": "SL_20150903_BIND_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85786", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85786);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL5.x i386/x86_64 (20150903)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1509&L=scientific-linux-errata&F=&S=&P=7220\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cde41c3a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libbind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:caching-nameserver\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"bind-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-chroot-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-debuginfo-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-devel-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libbind-devel-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-libs-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-sdb-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"bind-utils-9.3.6-25.P1.el5_11.4\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"caching-nameserver-9.3.6-25.P1.el5_11.4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-03-01T05:37:02", "description": "Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 28, "published": "2015-09-17T00:00:00", "title": "RHEL 5 : bind97 (RHSA-2015:1707)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2021-03-02T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:bind97-chroot", "cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:bind97-libs", "p-cpe:/a:redhat:enterprise_linux:bind97-debuginfo", "p-cpe:/a:redhat:enterprise_linux:bind97", "p-cpe:/a:redhat:enterprise_linux:bind97-utils", "p-cpe:/a:redhat:enterprise_linux:bind97-devel"], "id": "REDHAT-RHSA-2015-1707.NASL", "href": "https://www.tenable.com/plugins/nessus/85972", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1707. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(85972);\n script_version(\"1.11\");\n script_cvs_date(\"Date: 2019/10/24 15:35:40\");\n\n script_cve_id(\"CVE-2015-5722\");\n script_xref(name:\"RHSA\", value:\"2015:1707\");\n\n script_name(english:\"RHEL 5 : bind97 (RHSA-2015:1707)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1707\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-5722\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1707\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-chroot-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-chroot-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-chroot-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-debuginfo-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-devel-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"bind97-libs-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"bind97-utils-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"bind97-utils-9.7.0-21.P2.el5_11.3\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"bind97-utils-9.7.0-21.P2.el5_11.3\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-debuginfo / bind97-devel / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:30:20", "description": "Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 27, "published": "2015-10-22T00:00:00", "title": "CentOS 5 : bind97 (CESA-2015:1707)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-10-22T00:00:00", "cpe": ["p-cpe:/a:centos:centos:bind97-libs", "p-cpe:/a:centos:centos:bind97", "p-cpe:/a:centos:centos:bind97-utils", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:bind97-devel", "p-cpe:/a:centos:centos:bind97-chroot"], "id": "CENTOS_RHSA-2015-1707.NASL", "href": "https://www.tenable.com/plugins/nessus/86505", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1707 and \n# CentOS Errata and Security Advisory 2015:1707 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86505);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-5722\");\n script_xref(name:\"RHSA\", value:\"2015:1707\");\n\n script_name(english:\"CentOS 5 : bind97 (CESA-2015:1707)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated bind97 packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nThe Berkeley Internet Name Domain (BIND) is an implementation of the\nDomain Name System (DNS) protocols. BIND includes a DNS server\n(named); a resolver library (routines for applications to use when\ninterfacing with DNS); and tools for verifying that the DNS server is\noperating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue. After\ninstalling the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-September/021369.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ec4d35ef\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bind97 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2015-5722\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:bind97-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-chroot-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-devel-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-libs-9.7.0-21.P2.el5_11.3\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"bind97-utils-9.7.0-21.P2.el5_11.3\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind97 / bind97-chroot / bind97-devel / bind97-libs / bind97-utils\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-20T15:29:03", "description": "Hanno Bock discovered that Bind incorrectly handled certain malformed\nkeys when configured to perform DNSSEC validation. A remote attacker\ncould use this issue with specially crafted zone data to cause Bind to\ncrash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2015-09-03T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : bind9 vulnerability (USN-2728-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-03T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:15.04", "p-cpe:/a:canonical:ubuntu_linux:bind9", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2728-1.NASL", "href": "https://www.tenable.com/plugins/nessus/85765", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2728-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85765);\n script_version(\"2.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2015-5722\");\n script_xref(name:\"USN\", value:\"2728-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 15.04 : bind9 vulnerability (USN-2728-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Hanno Bock discovered that Bind incorrectly handled certain malformed\nkeys when configured to perform DNSSEC validation. A remote attacker\ncould use this issue with specially crafted zone data to cause Bind to\ncrash, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2728-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected bind9 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:bind9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:15.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2015-2020 Canonical, Inc. / NASL script (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|15\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 15.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"bind9\", pkgver:\"1:9.8.1.dfsg.P1-4ubuntu0.13\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"bind9\", pkgver:\"1:9.9.5.dfsg-3ubuntu0.5\")) flag++;\nif (ubuntu_check(osver:\"15.04\", pkgname:\"bind9\", pkgver:\"1:9.9.5.dfsg-9ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind9\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:17:45", "description": "ISC BIND is vulnerable to a denial of service, caused by the exit of a\nvalidating resolver due to an assertion failure in buffer.c. By\nparsing a malformed DNSSEC key, a remote attacker could exploit this\nvulnerability to cause a denial of service.", "edition": 23, "published": "2015-11-06T00:00:00", "title": "AIX 7.1 TL 3 : bind (IV78095)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-11-06T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV78095.NASL", "href": "https://www.tenable.com/plugins/nessus/86768", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory bind_advisory9.asc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(86768);\n script_version(\"2.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"AIX 7.1 TL 3 : bind (IV78095)\");\n script_summary(english:\"Check for APAR IV78095\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"ISC BIND is vulnerable to a denial of service, caused by the exit of a\nvalidating resolver due to an assertion failure in buffer.c. By\nparsing a malformed DNSSEC key, a remote attacker could exploit this\nvulnerability to cause a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://aix.software.ibm.com/aix/efixes/security/bind_advisory9.asc\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"03\", sp:\"05\", patch:\"IV78095m5a\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.3.0\", maxfilesetver:\"7.1.3.45\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:48:59", "description": "A denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.", "edition": 14, "published": "2015-09-04T00:00:00", "title": "Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150903)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "modified": "2015-09-04T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:bind-devel", "p-cpe:/a:fermilab:scientific_linux:bind-debuginfo", "p-cpe:/a:fermilab:scientific_linux:bind-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-sdb-chroot", "p-cpe:/a:fermilab:scientific_linux:bind-utils", "p-cpe:/a:fermilab:scientific_linux:bind-license", "p-cpe:/a:fermilab:scientific_linux:bind-libs", "p-cpe:/a:fermilab:scientific_linux:bind-lite-devel", "x-cpe:/o:fermilab:scientific_linux", "p-cpe:/a:fermilab:scientific_linux:bind-libs-lite", "p-cpe:/a:fermilab:scientific_linux:bind-sdb", "p-cpe:/a:fermilab:scientific_linux:bind"], "id": "SL_20150903_BIND_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/85787", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(85787);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2015-5722\");\n\n script_name(english:\"Scientific Linux Security Update : bind on SL6.x, SL7.x i386/x86_64 (20150903)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A denial of service flaw was found in the way BIND parsed certain\nmalformed DNSSEC keys. A remote attacker could use this flaw to send a\nspecially crafted DNS query (for example, a query requiring a response\nfrom a zone containing a deliberately malformed key) that would cause\nnamed functioning as a validating resolver to crash. (CVE-2015-5722)\n\nAfter installing the update, the BIND daemon (named) will be restarted\nautomatically.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1509&L=scientific-linux-errata&F=&S=&P=6888\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?901226a7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-libs-lite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-license\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-lite-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-sdb-chroot\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:bind-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/09/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/09/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 7.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"bind-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-chroot-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-debuginfo-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-devel-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-libs-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-sdb-9.8.2-0.37.rc1.el6_7.4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"bind-utils-9.8.2-0.37.rc1.el6_7.4\")) flag++;\n\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-chroot-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-debuginfo-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-devel-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-libs-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-libs-lite-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"bind-license-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-lite-devel-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-sdb-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-sdb-chroot-9.9.4-18.el7_1.5\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"bind-utils-9.9.4-18.el7_1.5\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bind / bind-chroot / bind-debuginfo / bind-devel / bind-libs / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-05-29T18:36:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "Hanno Boeck discovered that incorrect validation of DNSSEC-signed records\nin the Bind DNS server could result in denial of service.\n\nUpdates for the oldstable distribution (wheezy) will be released shortly.", "modified": "2019-03-18T00:00:00", "published": "2015-09-02T00:00:00", "id": "OPENVAS:1361412562310703350", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703350", "type": "openvas", "title": "Debian Security Advisory DSA 3350-1 (bind9 - security update)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3350.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3350-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703350\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2015-5722\");\n script_name(\"Debian Security Advisory DSA 3350-1 (bind9 - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-02 00:00:00 +0200 (Wed, 02 Sep 2015)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3350.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"bind9 on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie), this problem has been fixed in\nversion 9.9.5.dfsg-9+deb8u3.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\");\n script_tag(name:\"summary\", value:\"Hanno Boeck discovered that incorrect validation of DNSSEC-signed records\nin the Bind DNS server could result in denial of service.\n\nUpdates for the oldstable distribution (wheezy) will be released shortly.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"bind9\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-doc\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9-host\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"bind9utils\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"dnsutils\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"host\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-dev\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind-export-dev\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libbind9-90\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns-export100\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libdns100\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libirs-export91\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc-export95\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisc95\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccc90\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg-export90\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libisccfg90\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"liblwres90\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"lwresd\", ver:\"9.9.5.dfsg-9+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2019-03-13T00:00:00", "published": "2015-09-03T00:00:00", "id": "OPENVAS:1361412562310842426", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310842426", "type": "openvas", "title": "Ubuntu Update for bind9 USN-2728-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Ubuntu Update for bind9 USN-2728-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842426\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-03 08:05:30 +0200 (Thu, 03 Sep 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for bind9 USN-2728-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind9'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Hanno B&#246 ck discovered that Bind\nincorrectly handled certain malformed keys when configured to perform DNSSEC\nvalidation. A remote attacker could use this issue with specially crafted zone\ndata to cause Bind to crash, resulting in a denial of service.\");\n script_tag(name:\"affected\", value:\"bind9 on Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"USN\", value:\"2728-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-2728-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.9.5.dfsg-3ubuntu0.5\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"bind9\", ver:\"1:9.8.1.dfsg.P1-4ubuntu0.13\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-10-05T00:00:00", "id": "OPENVAS:1361412562310869987", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869987", "type": "openvas", "title": "Fedora Update for bind FEDORA-2015-15061", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2015-15061\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869987\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-10-05 07:25:02 +0200 (Mon, 05 Oct 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind FEDORA-2015-15061\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind on Fedora 21\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-15061\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-October/168686.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC21\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.6~11.P1.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "Check the version of bind", "modified": "2019-03-08T00:00:00", "published": "2015-09-04T00:00:00", "id": "OPENVAS:1361412562310882273", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882273", "type": "openvas", "title": "CentOS Update for bind CESA-2015:1706 centos5", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for bind CESA-2015:1706 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882273\");\n script_version(\"$Revision: 14058 $\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-08 14:25:52 +0100 (Fri, 08 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-04 08:14:42 +0200 (Fri, 04 Sep 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for bind CESA-2015:1706 centos5\");\n script_tag(name:\"summary\", value:\"Check the version of bind\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named) a resolver\nlibrary (routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"bind on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_xref(name:\"CESA\", value:\"2015:1706\");\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2015-September/021370.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~25.P1.el5_11.4\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:35:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2015-09-10T00:00:00", "id": "OPENVAS:1361412562310869928", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869928", "type": "openvas", "title": "Fedora Update for bind FEDORA-2015-15041", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bind FEDORA-2015-15041\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869928\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-10 07:12:04 +0200 (Thu, 10 Sep 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for bind FEDORA-2015-15041\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"bind on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-15041\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-September/165996.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.10.2~5.P4.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:37:29", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-10-16T00:00:00", "id": "OPENVAS:1361412562310850868", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850868", "type": "openvas", "title": "SUSE: Security Advisory for bind (SUSE-SU-2015:1481-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850868\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-16 13:16:29 +0200 (Fri, 16 Oct 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for bind (SUSE-SU-2015:1481-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The nameserver bind was updated to fix a remote denial of service (crash)\n attack against bind nameservers doing validation on DNSSEC signed records.\n (CVE-2015-5722, bsc#944066).\");\n\n script_tag(name:\"affected\", value:\"bind on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Desktop 12\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:1481-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(SLED12\\.0SP0|SLES12\\.0SP0)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLED12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ind-utils-debuginfo\", rpm:\"ind-utils-debuginfo~9.9.6P1~26.1\", rls:\"SLED12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"SLES12.0SP0\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.9.6P1~26.1\", rls:\"SLES12.0SP0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:41", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "Oracle Linux Local Security Checks ELSA-2015-1707", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123014", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123014", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2015-1707", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1707.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123014\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 09:46:39 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1707\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1707 - bind97 security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1707\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1707.html\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~21.P2.el5_11.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~21.P2.el5_11.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~21.P2.el5_11.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~21.P2.el5_11.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~21.P2.el5_11.3\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-09-03T00:00:00", "id": "OPENVAS:1361412562310871443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871443", "type": "openvas", "title": "RedHat Update for bind RHSA-2015:1706-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind RHSA-2015:1706-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871443\");\n script_version(\"$Revision: 12497 $\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-03 08:04:45 +0200 (Thu, 03 Sep 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for bind RHSA-2015:1706-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named) a resolver\nlibrary (routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"bind on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1706-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-September/msg00004.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-chroot\", rpm:\"bind-chroot~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libbind-devel\", rpm:\"bind-libbind-devel~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-sdb\", rpm:\"bind-sdb~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"caching-nameserver\", rpm:\"caching-nameserver~9.3.6~25.P1.el5_11.4\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:36:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2015-09-03T00:00:00", "id": "OPENVAS:1361412562310871445", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310871445", "type": "openvas", "title": "RedHat Update for bind97 RHSA-2015:1707-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for bind97 RHSA-2015:1707-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.871445\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2015-09-03 08:04:51 +0200 (Thu, 03 Sep 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"RedHat Update for bind97 RHSA-2015:1707-01\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind97'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The Berkeley Internet Name Domain (BIND) is an implementation of the Domain\nName System (DNS) protocols. BIND includes a DNS server (named) a resolver\nlibrary (routines for applications to use when interfacing with DNS) and\ntools for verifying that the DNS server is operating correctly.\n\nA denial of service flaw was found in the way BIND parsed certain malformed\nDNSSEC keys. A remote attacker could use this flaw to send a specially\ncrafted DNS query (for example, a query requiring a response from a zone\ncontaining a deliberately malformed key) that would cause named functioning\nas a validating resolver to crash. (CVE-2015-5722)\n\nRed Hat would like to thank ISC for reporting this issue. Upstream\nacknowledges Hanno Bock as the original reporter.\n\nAll bind97 users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdate, the BIND daemon (named) will be restarted automatically.\");\n script_tag(name:\"affected\", value:\"bind97 on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_xref(name:\"RHSA\", value:\"2015:1707-01\");\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2015-September/msg00005.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"bind97\", rpm:\"bind97~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-chroot\", rpm:\"bind97-chroot~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-debuginfo\", rpm:\"bind97-debuginfo~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-devel\", rpm:\"bind97-devel~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-libs\", rpm:\"bind97-libs~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"bind97-utils\", rpm:\"bind97-utils~9.7.0~21.P2.el5_11.3\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T18:37:21", "bulletinFamily": "scanner", "cvelist": ["CVE-2015-5722"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2015-09-22T00:00:00", "id": "OPENVAS:1361412562310850688", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850688", "type": "openvas", "title": "openSUSE: Security Advisory for bind (openSUSE-SU-2015:1597-1)", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850688\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-09-22 13:09:50 +0200 (Tue, 22 Sep 2015)\");\n script_cve_id(\"CVE-2015-5722\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"openSUSE: Security Advisory for bind (openSUSE-SU-2015:1597-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'bind'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"BIND was updated to fix a denial of service against servers performing\n validation on DNSSEC-signed records (CVE-2015-5722, bsc#944066).\");\n\n script_tag(name:\"affected\", value:\"bind on openSUSE 13.2, openSUSE 13.1\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"openSUSE-SU\", value:\"2015:1597-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=(openSUSE13\\.2|openSUSE13\\.1)\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSE13.2\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd\", rpm:\"bind-lwresd~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd-debuginfo\", rpm:\"bind-lwresd-debuginfo~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.9.6P1~2.10.1\", rls:\"openSUSE13.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"openSUSE13.1\") {\n if(!isnull(res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debuginfo\", rpm:\"bind-debuginfo~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-debugsource\", rpm:\"bind-debugsource~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo\", rpm:\"bind-libs-debuginfo~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd\", rpm:\"bind-lwresd~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-lwresd-debuginfo\", rpm:\"bind-lwresd-debuginfo~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-utils-debuginfo\", rpm:\"bind-utils-debuginfo~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-32bit\", rpm:\"bind-libs-32bit~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"bind-libs-debuginfo-32bit\", rpm:\"bind-libs-debuginfo-32bit~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ind-doc\", rpm:\"ind-doc~9.9.4P2~2.17.1\", rls:\"openSUSE13.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:05:58", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3350-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 02, 2015 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : bind9\nCVE ID : CVE-2015-5722\n\nHanno Boeck discovered that incorrect validation of DNSSEC-signed records\nin the Bind DNS server could result in denial of service.\n\nUpdates for the oldstable distribution (wheezy) will be released shortly.\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 9.9.5.dfsg-9+deb8u3.\n\nFor the unstable distribution (sid), this problem will be fixed soon.\n\nWe recommend that you upgrade your bind9 packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 9, "modified": "2015-09-02T21:47:37", "published": "2015-09-02T21:47:37", "id": "DEBIAN:DSA-3350-1:DDF3B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00249.html", "title": "[SECURITY] [DSA 3350-1] bind9 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-11T13:22:12", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "Package : bind9\nVersion : 1:9.7.3.dfsg-1~squeeze17\nCVE ID : CVE-2015-5722\n\nHanno B\u00f6ck from the Fuzzing Project discovered that incorrect validation of\nDNSSEC-signed records in the Bind DNS server could result in denial of service.\n\nFor Debian 6 \u201cSqueeze\u201d, this issue has been fixed in bind9 version\n1:9.7.3.dfsg-1~squeeze17. We recomend you to upgrade your bind9 packages.\n\nLearn more about the Debian Long Term Support (LTS) Project and how to\napply these updates at: https://wiki.debian.org/LTS/\n", "edition": 7, "modified": "2015-09-09T23:56:08", "published": "2015-09-09T23:56:08", "id": "DEBIAN:DLA-308-1:0986C", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201509/msg00003.html", "title": "[SECURITY] [DLA 308-1] bind9 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "ubuntu": [{"lastseen": "2020-07-02T11:33:34", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722"], "description": "Hanno B\u00f6ck discovered that Bind incorrectly handled certain malformed keys \nwhen configured to perform DNSSEC validation. A remote attacker could use \nthis issue with specially crafted zone data to cause Bind to crash, \nresulting in a denial of service.", "edition": 5, "modified": "2015-09-02T00:00:00", "published": "2015-09-02T00:00:00", "id": "USN-2728-1", "href": "https://ubuntu.com/security/notices/USN-2728-1", "title": "Bind vulnerability", "type": "ubuntu", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:38", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "- CVE-2015-5722 (Parsing malformed keys may cause BIND to exit due to a\nfailed assertion in buffer.c):\n\nParsing a malformed DNSSEC key can cause a validating resolver to exit\ndue to a failed assertion in buffer.c. It is possible for a remote\nattacker to deliberately trigger this condition, for example by using a\nquery which requires a response from a zone containing a deliberately\nmalformed key.\n\n- CVE-2015-5986 (An incorrect boundary check can trigger a REQUIRE\nassertion failure in openpgpkey_61.c):\n\nAn incorrect boundary check in openpgpkey_61.c can cause named to\nterminate due to a REQUIRE assertion failure. This defect can be\ndeliberately exploited by an attacker who can provide a maliciously\nconstructed response in answer to a query.", "modified": "2015-09-03T00:00:00", "published": "2015-09-03T00:00:00", "id": "ASA-201509-2", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-September/000391.html", "type": "archlinux", "title": "bind: denial of service", "cvss": {"score": 7.8, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}], "slackware": [{"lastseen": "2020-10-25T16:36:03", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,\nand -current to fix security issues.\n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n\npatches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz: Upgraded.\n This update fixes two denial-of-service vulnerabilities:\n + CVE-2015-5722 is a denial-of-service vector which can be\n exploited remotely against a BIND server that is performing\n validation on DNSSEC-signed records. Validating recursive\n resolvers are at the greatest risk from this defect, but it has not\n been ruled out that it could be exploited against an\n authoritative-only nameserver under limited conditions. Servers\n that are not performing validation are not vulnerable. However,\n ISC does not recommend disabling validation as a workaround to\n this issue as it exposes the server to other types of attacks.\n Upgrading to the patched versions is the recommended solution.\n All versions of BIND since 9.0.0 are vulnerable to CVE-2015-5722.\n + CVE-2015-5986 is a denial-of-service vector which can be used\n against a BIND server that is performing recursion. Validation\n is not required. Recursive resolvers are at the greatest risk\n from this defect, but it has not been ruled out that it could\n be exploited against an authoritative-only nameserver under\n limited conditions.\n Only versions of BIND since 9.9.7 and 9.10.2 are vulnerable to\n CVE-2015-5986.\n For more information, see:\n https://kb.isc.org/article/AA-01287/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5722\n https://kb.isc.org/article/AA-01291/0\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5986\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/bind-9.9.7_P3-i486-1_slack13.0.txz\n\nUpdated package for Slackware x86_64 13.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/bind-9.9.7_P3-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/bind-9.9.7_P3-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/bind-9.9.7_P3-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/bind-9.9.7_P3-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/bind-9.10.2_P4-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/bind-9.10.2_P4-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.0 package:\n627f6c6827eca24776d790166801de25 bind-9.9.7_P3-i486-1_slack13.0.txz\n\nSlackware x86_64 13.0 package:\n49082f50322af84efe8d91459599b837 bind-9.9.7_P3-x86_64-1_slack13.0.txz\n\nSlackware 13.1 package:\n4dd375df46e84dbecb9f296e2fec692a bind-9.9.7_P3-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\n90b4376b145544d9a63c28dcb891ca47 bind-9.9.7_P3-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n181ce9e11eb9d909c5c06b8ddd5bb1b5 bind-9.9.7_P3-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n368f7a3b977865b0132bdcd129e70813 bind-9.9.7_P3-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n3bb80a54fb5d0f76d17ef33cf06a074d bind-9.9.7_P3-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nd77b36e48e2c033ffa9d99816979304f bind-9.9.7_P3-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nada9c70208885b4c7904364e040360f9 bind-9.9.7_P3-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\na78fbe27ba2834d2918fa26ce96d5083 bind-9.9.7_P3-x86_64-1_slack14.1.txz\n\nSlackware -current package:\n450614c08d5fac56c8d2701394d1af50 n/bind-9.10.2_P4-i586-1.txz\n\nSlackware x86_64 -current package:\n32e680d6bce8dac3ad5ba54958f68f95 n/bind-9.10.2_P4-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg bind-9.9.7_P3-i486-1_slack14.1.txz\n\nThen, restart the name server:\n\n > /etc/rc.d/rc.bind restart", "modified": "2015-09-02T19:40:43", "published": "2015-09-02T19:40:43", "id": "SSA-2015-245-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.604342", "type": "slackware", "title": "[slackware-security] bind", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:35:23", "bulletinFamily": "unix", "cvelist": ["CVE-2015-5722", "CVE-2015-5986"], "description": "**Issue Overview:**\n\nAs [discussed upstream](<https://kb.isc.org/article/AA-01287/0>), parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible for a remote attacker to deliberately trigger this condition, for example by using a query which requires a response from a zone containing a deliberately malformed key. ([CVE-2015-5722 __](<https://access.redhat.com/security/cve/CVE-2015-5722>))\n\nAlso [disclosed upstream](<https://kb.isc.org/article/AA-01291/0>) today was [CVE-2015-5986 __](<https://access.redhat.com/security/cve/CVE-2015-5986>) which does not impact the version of bind in the Amazon Linux AMI.\n\n \n**Affected Packages:** \n\n\nbind\n\n \n**Issue Correction:** \nRun _yum update bind_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n bind-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-libs-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-sdb-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-devel-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-debuginfo-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-chroot-9.8.2-0.30.rc1.39.amzn1.i686 \n bind-utils-9.8.2-0.30.rc1.39.amzn1.i686 \n \n src: \n bind-9.8.2-0.30.rc1.39.amzn1.src \n \n x86_64: \n bind-sdb-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-chroot-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-debuginfo-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-devel-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-utils-9.8.2-0.30.rc1.39.amzn1.x86_64 \n bind-libs-9.8.2-0.30.rc1.39.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2015-09-02T12:00:00", "published": "2015-09-02T12:00:00", "id": "ALAS-2015-594", "href": "https://alas.aws.amazon.com/ALAS-2015-594.html", "title": "Critical: bind", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}